Secure digital credential sharing arrangement
Abstract
A secure and transparent digital credential sharing arrangement which utilizes one or more cryptographic levels of indirection to obfuscate a sharing entity's credentials from those entities authorized to share the credentials. A security policy table is provided which allows the sharing entity to selectively authorize or revoke digital credential sharing among a plurality of entities. Various embodiments of the invention provide for secure storage and retrieval of digital credentials from security tokens such as smart cards. The secure sharing arrangement may be implemented in hierarchical or non-hierarchical embodiments as desired.
65 Claims
1-37. (canceled)
38. A method for sharing digital credentials, comprising:
providing, in a computer readable storage medium, a first credential store having retrievably stored therein a plurality of credentials of a first entity;
sharing, with a second entity, a portion of the credentials of the first entity in response to a first secret that is generated using a common secret shared by the first entity and the second entity and using a first entity specific string retrievable by the second entity; and
providing the second entity with access rights to the portion of the credentials of the first entity that are shared with the second entity.
Dependent claims: 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51
52. Computer software, provided in a computer-readable medium, that shares digital credentials, the software comprising:
executable code that shares a portion of credentials of a first entity with a second entity in response to a first secret that is generated using a common secret shared by the first entity and the second entity and using a first entity specific string retrievable by the second entity; and
executable code that provides the second entity with access rights to the portion of the credentials of the first entity that are shared with the second entity.
Dependent claims: 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65
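The sharing flow in claims 38 and 52, together with the abstract's policy table and indirection, can be sketched as follows; this is an added illustration, not code or a construction taken from the patent. Assumptions: the first secret is derived with HMAC-SHA256, the policy table stores only a hash of it, and the second entity uses a shared credential through a challenge response instead of reading it; all names and values are constructed.

```python
import hashlib
import hmac

def derive_first_secret(common_secret: bytes, entity_string: bytes) -> bytes:
    # Assumed construction: HMAC-SHA256 keyed with the common secret over
    # the first-entity-specific string, which the second entity can retrieve.
    return hmac.new(common_secret, entity_string, hashlib.sha256).digest()

class CredentialStore:
    """First entity's credential store with a security policy table."""
    def __init__(self, entity_string: bytes, credentials: dict):
        self.entity_string = entity_string       # retrievable by sharers
        self._credentials = dict(credentials)    # never handed out directly
        self._policy = {}                        # sharer -> (verifier, shared names)

    def authorize(self, sharer: str, common_secret: bytes, names) -> None:
        first = derive_first_secret(common_secret, self.entity_string)
        # The table keeps a hash of the first secret, not the secret itself.
        self._policy[sharer] = (hashlib.sha256(first).digest(), frozenset(names))

    def revoke(self, sharer: str) -> None:
        self._policy.pop(sharer, None)

    def use_credential(self, sharer, first_secret, name, challenge) -> bytes:
        entry = self._policy.get(sharer)
        if entry is None:
            raise PermissionError("sharing not authorized or revoked")
        verifier, names = entry
        presented = hashlib.sha256(first_secret).digest()
        if not hmac.compare_digest(verifier, presented):
            raise PermissionError("first secret mismatch")
        if name not in names:
            raise PermissionError("credential not in shared portion")
        # Indirection: the sharer gets a response computed with the
        # credential, not the credential bytes.
        return hmac.new(self._credentials[name], challenge, hashlib.sha256).digest()

def demo():
    creds = {"vpn": b"constructed-vpn-key", "payroll": b"constructed-payroll-key"}
    store = CredentialStore(b"entity:alice", creds)
    common = b"constructed-common-secret"
    store.authorize("bob", common, ["vpn"])          # share only a portion
    first = derive_first_secret(common, store.entity_string)
    response = store.use_credential("bob", first, "vpn", b"nonce-1")
    store.revoke("bob")
    try:
        store.use_credential("bob", first, "vpn", b"nonce-1")
        revoked = False
    except PermissionError:
        revoked = True
    return response, revoked
```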
Specification